const jwt = require('jsonwebtoken');

// Token验证中间件
const verifyToken = (req, res, next) => {
  const token = req.headers['authorization'];
  if (!token) return res.status(403).json({ code: 403, message: '未提供Token' });
  
  jwt.verify(token.replace('Bearer ', ''), 'your_secret_key', (err, decoded) => {
    if (err) return res.status(401).json({ code: 401, message: '未授权' });
    req.userId = decoded.id;
    next();
  });
};

module.exports = { verifyToken };    